<?php
session_start();

if(isset($_SESSION['authorised']) && $_SESSION['authorised'] == true)
{   
    if(isset($_SESSION['type']))
    {
        if($_SESSION['type'] == 'administrator')
        {
			$title=addslashes(pg_escape_string($_POST['title']));
			$announcement=addslashes(pg_escape_string($_POST['announcement']));
            if($title==''||$announcement=='')
            {
            	$_SESSION['error']='Error in creating announcement. Put information in all fields.';
				header('Location:admin_alert.php');
                exit();
            }
			include('connection.inc');
            
            $sql="INSERT INTO announcements (announcement_title, announcement, announcement_date) VALUES ('$title', '$announcement', localtimestamp)";
			$result=pg_query($sql);
			
			header('Location: admin_manageannouncements.php');
			exit();
        }
        elseif($_SESSION['type'] == 'student')
        {
            header('Location: student_index.php');
            exit();
        }
        elseif($_SESSION['type'] == 'tutor')
        {
            header('Location: tutor_index.php');
            exit();
        }
        elseif($_SESSION['type'] == 'parent')
        {
            header('Location: parent_index.php');
            exit();
        }
    }
}
else
{
    header('Location: index.php');
}
?>
